Omeka S CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-4561	1 Omeka	1 Omeka S	2024-11-21	4.8 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.4.
CVE-2023-4560	1 Omeka	1 Omeka S	2024-11-21	6.5 Medium
Improper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka-s prior to 4.0.4.
CVE-2023-4159	1 Omeka	1 Omeka S	2024-11-21	8.8 High
Unrestricted Upload of File with Dangerous Type in GitHub repository omeka/omeka-s prior to 4.0.3.
CVE-2023-4158	1 Omeka	2 Omeka, Omeka S	2024-11-21	5.4 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.3.
CVE-2023-4157	1 Omeka	2 Omeka, Omeka S	2024-11-21	5.2 Medium
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in GitHub repository omeka/omeka-s prior to version 4.0.3.
CVE-2023-3982	1 Omeka	2 Omeka, Omeka S	2024-11-21	4.8 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2.
CVE-2023-3981	1 Omeka	2 Omeka, Omeka S	2024-11-21	4.9 Medium
Server-Side Request Forgery (SSRF) in GitHub repository omeka/omeka-s prior to 4.0.2.
CVE-2023-3980	1 Omeka	2 Omeka, Omeka S	2024-11-21	4.8 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2.

Page 1 of 1.